Redis on Azure

[Kevin Burton]

I created a Linux Ubuntu VM and installed redis on it. This worked fine now I am trying to put redis on an Azure Ubuntu VM using the instructions I found: http://blogs.msdn.com/b/tconte/archive/2012/06/08/running-redis-on-a-centos-linux-vm-in-windows-azure.aspx. Unfortunately this does not work. I followed all of the instructions with the exception that I am running a Ubuntu VM rather than the CentOS VM. The reason that I think it is failing is two-fold. 

One, on the one that worked the configuration was in a folder /etc/redis and named 6379.conf. On the Azure that doesn't work the configuration is not specified and I am guessing that it is supposed to be part of 'make install' (both installations were built from source). But there isn't a /etc/redis folder:

azureuser@bsiubuntu:~$ ls -l /etc/redis

ls: cannot access /etc/redis: No such file or directory

But there is a /etc/redis.conf file. This is the first problem. Where does redis look for the configuration? It looks like the path to the configuration is an argument of the start up of the server. 

Two, on the installation that worked the start up in init.d (named redis_6369) has a line like: /usr/local/bin/redis-server /etc/redis/6379.conf. On the installation on Azure that doesn't work the file in init.d has a line like:

        if start-stop-daemon --start --quiet --umask 007 --pidfile /var/run/redis.pid --ch

uid redis:redis --exec /usr/local/bin/redis-server --background -- /etc/redis.conf

The /var/run/redis.pid file is empty as is /var/log/redis/redis.log. And ps aux | grep redis tells me that redis-server is not running. Where as on the VM that works the log file shows:

[1694] 07 Dec 08:36:31.164 * Max number of open files set to 10032

                _._                                                  

           _.-``__ ''-._                                             

      _.-``    `.  `_.  ''-._           Redis 2.6.3 (00000000/0) 64 bit

  .-`` .-```.  ```\/    _.,_ ''-._                                   

 (    '      ,       .-`  | `,    )     Running in stand alone mode

 |`-._`-...-` __...-.``-._|'` _.-'|     Port: 6379

 |    `-._   `._    /     _.-'    |     PID: 1694

  `-._    `-._  `-./  _.-'    _.-'                                   

 |`-._`-._    `-.__.-'    _.-'_.-'|                                  

 |    `-._`-._        _.-'_.-'    |           http://redis.io        

  `-._    `-._`-.__.-'_.-'    _.-'                                   

 |`-._`-._    `-.__.-'    _.-'_.-'|                                  

 |    `-._`-._        _.-'_.-'    |                                  

  `-._    `-._`-.__.-'_.-'    _.-'                                   

      `-._    `-.__.-'    _.-'                                       

          `-._        _.-'                                           

              `-.__.-'                                               

[1694] 07 Dec 08:36:31.185 # Server started, Redis version 2.6.3

[1694] 07 Dec 08:36:31.185 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.

[1694] 07 Dec 08:36:52.880 * DB loaded from disk: 21.696 seconds

[1694] 07 Dec 08:36:52.880 * The server is now ready to accept connections on port 6379

And the same ps command yields:

 root      1694  5.2 11.4 497756 464828 ?       Rsl  08:36   1:21 /usr/local/bin/redis-server /etc/redis/6379.conf

So is the way the daemon started a problem?

Any ideas would be helpful.

[Kevin Burton]

I forgot to mention the reason that I think it doesn't work is I executed 'redis-benchmark.exe -h xxxx.cloudapp.net' and I get the error 'Could not connect to Redis at xxxx.cloudapp.net:6379: Unknown error'.

[Felix Gallo]

Check your firewall settings.

F. 

--
You received this message because you are subscribed to the Google Groups "Redis DB" group.
To view this discussion on the web visit https://groups.google.com/d/msg/redis-db/-/X7TV1vs-UFUJ.
To post to this group, send email to redi...@googlegroups.com.
To unsubscribe from this group, send email to redis-db+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/redis-db?hl=en.

[Felix Gallo]

I'm going to elucidate a bit here actually, because people in the future may have the same issue.

IF you successfully see 'redis' running in your process list via 'ps' (e.g. you run 'ps -ef | grep redis' and it shows you a process there)

AND on the same box, you can connect to redis with 'redis-cli' (e.g., 'redis-cli -p 6379')

AND on a different box across the internet, you are unable to connect to that box using the same command and port (e.g. 'redis-cli -p 6379')

THEN you either have a typing error, OR a DNS issue, OR a firewall issue.

Typing error likelihood: medium -- you may not be attempting to connect to the right box, and/or are not connecting to the right port.

DNS issue likelihood: smallish -- generally cloud instances in particular are pretty good at self-registering for DNS.

firewall issue likelihood: super high -- most cloud providers lock down essentially all ports on new instances, so that they are not hijacked/hacked/screwed with; and most certainly they generally have a 'forbid first, permit only on demand' policy.  So unless you have taken an affirmative direct action to permit port 6379 to be seen by the outside world*, you are probably banging up against the firewall when attempting to connect to the instance.

On Ubuntu, the default firewall which you probably have set up is 'iptables'.  To look at what the firewall is allowing and permitting, run 'iptables -L' as root.

Firewall configuration is pretty complex and out of the scope of this mailing list, so if you don't have an Ubuntu expert available to you, feel free to drop me a note and I'll see if I can help you.  

But it is absolutely critical for me to point out that under no circumstances ever should you merely open port 6379 to the internet, because like all databases, redis has no serious security measures and is not designed to be internet-facing.  Instead, open up port 6379 to only those machines that absolutely require access.

F.

[Jay A. Kreibich]

On Fri, Dec 07, 2012 at 09:29:40AM -0800, Felix Gallo scratched on the wall:

> I'm going to elucidate a bit here actually, because people in the future
> may have the same issue.
>
> IF you successfully see 'redis' running in your process list via 'ps' (e.g.
> you run 'ps -ef | grep redis' and it shows you a process there)
> AND on the same box, you can connect to redis with 'redis-cli' (e.g.,
> 'redis-cli -p 6379')
> AND on a different box across the internet, you are unable to connect to
> that box using the same command and port (e.g. 'redis-cli -p 6379')
> THEN you either have a typing error, OR a DNS issue, OR a firewall issue.

Or a config issue, such as someone uncommenting the default
"bind 127.0.0.1" statement in the standard config file.

-j

--
Jay A. Kreibich < J A Y @ K R E I B I.C H >

"Intelligence is like underwear: it is important that you have it,
but showing it to the wrong people has the tendency to make them
feel uncomfortable." -- Angela Johnson

[Kevin Burton]

I checked the /var/log/boot.log and I see 'Starting redis-server: redis-server'. If I look at the startup file I see:

  start)

          start)

        echo -n "Starting $DESC: "

        touch $PIDFILE

        chown redis:redis $PIDFILE

        if start-stop-daemon --start --quiet --umask 007 --pidfile $PIDFILE --ch

uid redis:redis --exec $DAEMON --background -- $DAEMON_ARGS

        then

                echo "$NAME."

        else

                echo "failed"

        fi

        ;;

So it is my conclusion that it started then quit. If I look at the processes running with ps aux it is not running. Is there a switch or something that I can see why it quit. I don't think this is a firewall issue as yet because we are not even getting the server to start. Once it starts then I can worry about connecting to it and then it might be a firewall problem.

I tried starting the server by hand and I got:

*** FATAL CONFIG FILE ERROR ***

Reading the configuration file, at line 307

>>> 'vm-enabled no'

Bad directive or wrong number of arguments

Now we are getting somewhere. I don't know why I didn't try this before.

On the machine that works there are no vm-xxx options in the config file. Is this a configuration option that has been removed?

[Kevin Burton]

That was the problem!! I had to comment out all lines in the configuration file that began with vm-. It also didn't seem to recognize the *zipmap* entries. Neither of these types of configuration entries were in my redis server that "worked". Are these features supposed to be implemented? Thanks again for the help.

[Greg Andrews]

It looks to me like you installed a pre-packaged version of Redis (perhaps part of the Ubuntu Linux distribution), then replaced the pre-packaged executable file with a newer version, but didn't also replace the pre-packaged config file with the newer version.

  -Greg

On Fri, Dec 7, 2012 at 1:19 PM, Kevin Burton <rkevin...@charter.net> wrote:

That was the problem!! I had to comment out all lines in the configuration file that began with vm-. It also didn't seem to recognize the *zipmap* entries. Neither of these types of configuration entries were in my redis server that "worked". Are these features supposed to be implemented? Thanks again for the help.

--
You received this message because you are subscribed to the Google Groups "Redis DB" group.

To view this discussion on the web visit https://groups.google.com/d/msg/redis-db/-/UoyL8u2ZloEJ.

[Kevin Burton]

I built from source on a fresh VM. How can I make sure I have the latest?

On Friday, December 7, 2012 9:07:13 AM UTC-6, Kevin Burton wrote:

[Felix Gallo]

The redis distribution includes an example config file which matches the functionality of the redis version it ships with.  Just take that file, modify it to your requirements, and put it whereever your startup script expects it.

F.

--
You received this message because you are subscribed to the Google Groups "Redis DB" group.

To view this discussion on the web visit https://groups.google.com/d/msg/redis-db/-/HO5XOLnG39YJ.

[Greg Andrews]

Yes, I know you built from source, but the Redis source code does not the have an init.d script that uses the "start-stop-daemon" command you posted in this discussion thread.  That looks like part of the Ubuntu pre-packaged Redis installation.  Where there's smoke there's fire.  You have one file from an Ubuntu package (the init.d script), so you probably had others, too.  Like the config file.  Does this "fresh" VM perhaps have a pre-packaged Redis installed on it?

There can be several parts to a Linux daemon program like Redis.  There are the compiled binary files, the configuration file(s), the start/stop (init.d) script, the user/group ids that the program should run as, the collection of directories for the program's binary files, config files, log files, and data files, and other things.  Upgrading only one part (binary files) without upgrading any others (config file) can cause trouble.
 
  -Greg

On Fri, Dec 7, 2012 at 7:07 PM, Kevin Burton <rkevin...@charter.net> wrote:

--
You received this message because you are subscribed to the Google Groups "Redis DB" group.